package com.menghao.sso.server.service;

import com.menghao.sso.server.exception.InvalidTicketException;
import com.menghao.sso.server.exception.ValidateFailException;
import com.menghao.sso.server.model.Service;
import com.menghao.sso.server.model.credentials.Credentials;

/**
 * <p>Authorization service: the contract for issuing and revoking SSO tickets.<br>
 * It covers creating a ticket-granting ticket (TGT) from credentials, issuing a
 * service ticket (ST) under an existing TGT, and destroying a TGT.
 *
 * <p>NOTE(review): ticket ids are exchanged as plain {@code String}s. Presumably the
 * TGT id is what later calls present to prove an SSO session, so it would act as a
 * bearer secret. Confirm that implementations generate ids from a cryptographically
 * strong source and keep them out of logs and exception messages.
 *
 * @author menghao.
 * @version 2017/11/16.
 */
public interface AuthorizationService {

    /**
     * Creates a TGT for the supplied credentials.
     *
     * @param credentials the credentials (user or service)
     * @return the id of the created TGT
     * @throws ValidateFailException declared by this method; presumably raised when the
     *                               credentials fail validation (confirm against the implementation)
     */
    String createTicketGrantingTicket(Credentials credentials) throws ValidateFailException;

    /**
     * Issues an ST for a service under an existing TGT.
     *
     * <p>NOTE(review): this contract does not state whether the ST is bound to
     * {@code service}, single-use, or time-limited. Confirm these properties in the
     * implementation, since they decide whether a leaked ST can be replayed.
     *
     * @param ticketGrantingTicketId the id of the TGT the ST is issued under
     * @param service                the service the ST is issued for
     * @return the id of the created ST
     * @throws ValidateFailException declared by this method; presumably raised when the TGT id
     *                               or the service is rejected (confirm against the implementation)
     */
    String createServiceTicket(String ticketGrantingTicketId, Service service) throws ValidateFailException;

    /**
     * Invalidates any ticket derived from the given TGT.
     *
     * <p>NOTE(review): the method name suggests the TGT itself is destroyed as well;
     * confirm that a logout leaves neither the TGT nor any derived ST usable.
     *
     * @param ticketGrantingTicketId the id of the TGT to destroy
     * @throws InvalidTicketException declared by this method; presumably raised when the id does
     *                                not refer to a valid TGT (confirm against the implementation)
     */
    void destroyTicketGrantingTicket(String ticketGrantingTicketId) throws InvalidTicketException;
}
